hazelcast / quarkus-hazelcast-client

Quarkus Hazelcast Client Extension
44 stars 10 forks source link

[Snyk] Upgrade com.hazelcast:hazelcast from 5.2.4 to 5.3.2 #385

Closed promanenko closed 9 months ago

promanenko commented 1 year ago

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade com.hazelcast:hazelcast from 5.2.4 to 5.3.2.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
- The recommended version is **5 versions** ahead of your current version. - The recommended version was released **2 months ago**, on 2023-08-21. The recommended version fixes: Severity | Issue | PriorityScore (*) | Exploit Maturity | :-------------------------:|:-------------------------|-------------------------|:------------------------- | Insufficiently Protected Credentials
[SNYK-JAVA-COMHAZELCAST-5591146](https://snyk.io/vuln/SNYK-JAVA-COMHAZELCAST-5591146) | **539/1000**
**Why?** Has a fix available, CVSS 6.5 | No Known Exploit (*) Note that the real score may have changed since the PR was raised.
**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.* For more information: 🧐 [View latest project report](https://app.snyk.io/org/promanenko/project/a2f7b9e3-9c5f-4988-9f22-1e1edfcc99a3?utm_source=github&utm_medium=referral&page=upgrade-pr) 🛠 [Adjust upgrade PR settings](https://app.snyk.io/org/promanenko/project/a2f7b9e3-9c5f-4988-9f22-1e1edfcc99a3/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr) 🔕 [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/promanenko/project/a2f7b9e3-9c5f-4988-9f22-1e1edfcc99a3/settings/integration?pkg=com.hazelcast:hazelcast&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades)
devOpsHazelcast commented 1 year ago

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
You have signed the CLA already but the status is still pending? Let us recheck it.

devOpsHazelcast commented 9 months ago

PR closed by Hazelcast automation as no activity (>3 months). Please reopen with comments, if necessary. Thank you for using Hazelcast and your valuable contributions